Phishing

sending a legitimate-looking message to convince a recipient to do something
// updated 2025-05-26 14:44

Phishing refers to a deceptive technique that:

  • uses a communication medium (usually e-mail or text messaging)
  • tricks a recipient into revealing sensitive information (such as passwords and bank account data)
  • makes the recipient reply directly or enter the data into a fake website

Techniques

Amateur phishing techniques are easily outed with:

  • a terrible imitation of a "legitimate" branding, e.g.:
    • low-resolution logos
    • website designs that "look off"
      • off-coloured and off-sized fonts
      • badly-aligned text and images
      • outdated designs
    • completely fake domain name
  • a poor use of the recipient's language, e.g.:
    • non-standard verbiage
    • spelling and grammar mistakes
    • foreign-sounding tone
  • the need to e-mail sensitive data rather than through a more secure channel
    • or worse, the need to "call a phone number"

Advanced phishing techniques, however, look more legitimate and can fool even the most alert and paranoid:

  • a very convincing website design and branding
    • professionally designed logos
    • unsuspicious web design
    • using a very convincing spoof domain name like "yourbank.cc" instead of "yourbank.com"
  • an excellent command of the recipient's language
    • a style of writing that looks very business-oriented
    • no spelling and grammar mistakes
    • a native use of idioms and slogans

Scammers will become more common and advanced, as they make use (or abuse) of AI to make their "phishing media" look and sound more legitimate.

Variants

  • Quishing = QR codes that lead to a seemingly legitimate website
  • Smishing = SMS text messages with links that sends the recipient to a malicious website
  • Vishing = voice phone calls (with social pressure) that prompt the recipient into sending sensitive information via a live voice call

Demographics of scammers

A rapidly-changing economy, in which many technically-savvy people have become unemployed, will result in more nuanced phishing techniques. Many of these recently unemployed will have the technical background and a better understanding of their resident country. They may also have enough finances to keep them afloat for a few years (but not enough to retire) and could resort to scamming as a shortcut to retirement. Having the time and luxury to look into abusing the latest technology could potentially make things worse.

Therefore, "domestic" wannabe scammers, with a more nuanced knowledge of technology and of their country's culture, could become more prevalent. They could very well outdo scammers whose overseas origins have little to no knowledge of their target country's culture.

Moving forward, everyone should practice the highest level of vigilance with their data!

scamsphishingcrimedark web
⬅️ older (in concepts)
🤔 Sorites paradox
newer (in concepts) ➡️
Digital hoarding 📲
⬅️ older (in wiki)
🤔 Sorites paradox
newer (in wiki) ➡️
Схватить на лету 🪆
⬅️ older (posts)
📉 On the decline of home timelines in social media
newer (posts) ➡️
Схватить на лету 🪆